> > Works for me. One of you guys want to send a PR?
Sam has sent one in: https://github.com/ietf-wg-acme/acme/pull/214 On Fri, Nov 25, 2016 at 5:03 PM, Richard Barnes <[email protected]> wrote: > > > On Fri, Nov 25, 2016 at 11:36 AM, Sam Kuper <[email protected]> wrote: > >> Hi Daniel, >> >> On 25/11/2016, Daniel McCarney <[email protected]> wrote: >> > I can see no good reason for this to be "SHOULD" rather than "MUST". >> >> Please can it be changed to "MUST"? Otherwise, a client might have no >> >> way of knowing why the request failed, and therefore no reasonable way >> >> to proceed. >> > >> > This seems reasonable, I would also be supportive of a change like this. >> >> Excellent. Thank you. >> > > Works for me. One of you guys want to send a PR? > > --Richard > > > >> >> >> That looks dangerous to me. If the server implements the requirement >> >> above, then when Mallory's attempt to replay Alice's request has just >> >> failed, the server will reply with a fresh nonce, thereby >> >> potentially giving Mallory the means to usurp Alice's session. Ouch! >> > >> > You start by talking about an adversary that is replaying existing >> > messages, >> > which causes the badNonce error when the request is replayed the second >> > time. But when you say "potentially giving Mallory the means to usurp >> > Alice's session", that would require the adversary construct a new >> signed >> > message using the nonce without the participation of Alice - this >> shouldn't >> > be >> > possible in the MITM threat model that the nonce usage is meant to >> address. >> >> Ah, indeed, if the request must contain the new nonce and be signed >> with Alice's private key, then you are correct, and my previous reply >> (to Philipp) was overly hasty. >> >> Thanks for your explanation, and apologies to Philipp for my >> misunderstanding. >> >> Sam >> >> _______________________________________________ >> Acme mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/acme >> > >
_______________________________________________ Acme mailing list [email protected] https://www.ietf.org/mailman/listinfo/acme
